artsy-auth 0.1.7 → 0.1.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +10 -9
- data/lib/artsy-auth.rb +2 -2
- data/lib/artsy-auth/{application_controller.rb → authenticated.rb} +8 -2
- data/lib/artsy-auth/session_controller.rb +2 -3
- data/lib/artsy-auth/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7a2f2591b274cf4eba66d78b563365f51341cbaf
|
4
|
+
data.tar.gz: 38ba2fbbfe919ef424cfa0c1f8a8b7e07d11fc8c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b35055a3b5ab3b5e3de9f1a6e0454d5d45fda0977c2f117a620c0b2e057979fba571c621306117ec1215358c91dc48206a009a13a5c3a97c9e86cfca6e963088
|
7
|
+
data.tar.gz: df30a0ef5f1c67da6ae1635967043770191712fc3118f2ba0ed0d6f4bd91283a911ebced4ba82912f04255579cd4f30efd03ec247457969995a0f0a504690cbb
|
data/README.md
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
Ruby Gem for adding Artsy's omniauth based authentication to your app.
|
4
4
|
|
5
5
|
## Installation
|
6
|
-
Add following line to your Gemfile
|
6
|
+
Add following line to your Gemfile.
|
7
7
|
|
8
8
|
```
|
9
9
|
gem 'artsy-auth'
|
@@ -32,26 +32,27 @@ You also need to mount session related endpoints to your app, in your `config/ro
|
|
32
32
|
mount ArtsyAuth::Engine => '/'
|
33
33
|
```
|
34
34
|
|
35
|
-
In order to force authentication, you need to
|
35
|
+
In order to force authentication, you need to include 'ArtsyAuth::Authenticated' in your controller, you also need to add (override) `authorized_artsy_token?` method there which gets a token and in your app you need to define how do you authorize that token, for example:
|
36
36
|
```ruby
|
37
37
|
class ApplicationController < ArtsyAuth::ApplicationController
|
38
38
|
# Prevent CSRF attacks by raising an exception.
|
39
39
|
protect_from_forgery with: :exception
|
40
40
|
|
41
|
-
#
|
41
|
+
# This will make sure calls to this controller have proper session data
|
42
|
+
# if they don't it will redirect them to oauth url and once authenticated
|
43
|
+
# on successful authentication we'll call authorized_artsy_token
|
44
|
+
include ArtsyAuth::Authenticated
|
45
|
+
|
46
|
+
# override application to decode token and allow only users with `tester` role
|
42
47
|
def authorized_artsy_token?(token)
|
43
48
|
decoded_token, _headers = JWT.decode(token, 'some-secret')
|
44
49
|
decoded_token['roles'].include? 'tester'
|
45
50
|
end
|
46
51
|
end
|
47
52
|
```
|
48
|
-
Note that this will add authentication to all of your controllers, if you want to skip Artsy's authentication for specific controller you can skip it in your controller by adding:
|
49
|
-
```ruby
|
50
|
-
class TestController
|
51
|
-
skip_before_action :require_artsy_authentication
|
52
|
-
end
|
53
|
-
```
|
54
53
|
|
54
|
+
# Update From Version < 0.1.7
|
55
|
+
In previous versions you would change your `ApplicationController` to inherit from `ArtsyAuth::ApplicationController`, with versions > `0.1.7` you need to `include ArtsyAuth::Authenticated` like the example above.
|
55
56
|
|
56
57
|
# Contributing
|
57
58
|
|
data/lib/artsy-auth.rb
CHANGED
@@ -1,8 +1,8 @@
|
|
1
|
+
require 'artsy-auth/authenticated'
|
1
2
|
require 'artsy-auth/config'
|
2
3
|
require 'artsy-auth/engine'
|
3
|
-
require 'artsy-auth/version'
|
4
|
-
require 'artsy-auth/application_controller'
|
5
4
|
require 'artsy-auth/session_controller'
|
5
|
+
require 'artsy-auth/version'
|
6
6
|
|
7
7
|
module ArtsyAuth
|
8
8
|
end
|
@@ -1,6 +1,12 @@
|
|
1
1
|
module ArtsyAuth
|
2
|
-
|
3
|
-
|
2
|
+
module Authenticated
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
|
5
|
+
included do
|
6
|
+
before_action :require_artsy_authentication
|
7
|
+
end
|
8
|
+
|
9
|
+
private
|
4
10
|
|
5
11
|
def require_artsy_authentication
|
6
12
|
if session[:access_token]
|
@@ -1,6 +1,5 @@
|
|
1
1
|
module ArtsyAuth
|
2
|
-
class SessionsController <
|
3
|
-
skip_before_action :require_artsy_authentication
|
2
|
+
class SessionsController < ActionController::Base
|
4
3
|
def create
|
5
4
|
session[:user_id] = auth_hash['uid']
|
6
5
|
session[:email] = auth_hash['info']['raw_info']['email']
|
@@ -19,4 +18,4 @@ module ArtsyAuth
|
|
19
18
|
request.env['omniauth.auth']
|
20
19
|
end
|
21
20
|
end
|
22
|
-
end
|
21
|
+
end
|
data/lib/artsy-auth/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: artsy-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Artsy
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-06-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: omniauth-oauth2
|
@@ -134,7 +134,7 @@ files:
|
|
134
134
|
- config/initializers/omniauth.rb
|
135
135
|
- config/routes.rb
|
136
136
|
- lib/artsy-auth.rb
|
137
|
-
- lib/artsy-auth/
|
137
|
+
- lib/artsy-auth/authenticated.rb
|
138
138
|
- lib/artsy-auth/config.rb
|
139
139
|
- lib/artsy-auth/engine.rb
|
140
140
|
- lib/artsy-auth/session_controller.rb
|